1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

1061 Commits

Author SHA1 Message Date
Andrew Bartlett
c6cc22adc0 s4-libnet: Remove libnet_Join and create libnet_Join_member
libnet_Join conflicts with a function in the source3 netapi of the
same name, and the ability to join as a DC via this particular method
is unused.

Andrew Bartlett
2011-05-18 16:12:08 +02:00
Andrew Bartlett
7261a9b9f7 s4-libcli Remove resolve_name() as it conflicts with Samba3.
This was just a wrapper around resolve_name_ex(), so just call that
instead.

Andrew Bartlett
2011-05-03 07:37:07 +02:00
Andrew Tridgell
45e00ee686 s4-libnet: honour convention of DEBUGLEVEL>=10 for NDR print 2011-04-04 10:30:30 +10:00
Jeremy Allison
0c5214e2eb Ensure convert_string_XXX is always called with a valid converted_size pointer.
Preparation for cleaning up this API.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Mar 29 21:01:49 CEST 2011 on sn-devel-104
2011-03-29 21:01:49 +02:00
Andrew Bartlett
b5616adc8a lib/util/charset rename iconv_convenience to iconv_handle
This better reflects what this structure is

Andrew Bartlett
2011-03-25 04:37:06 +01:00
Andrew Tridgell
15e84a9a09 charcnv: removed the allow_badcharcnv and allow_bad_conv options to convert_string*()
we shouldn't accept bad multi-byte strings, it just hides problems

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
2011-03-24 01:47:26 +01:00
Matthias Dieter Wallnöfer
ea12adf544 s4/ldb - remove now superflous "ldb_dn_validate" checks
If we immediately afterwards perform an LDB base operation then we don't
need an explicit "ldb_dn_validate" check anymore (only OOM makes sense).

Reviewed by: Tridge
2011-03-04 22:07:24 +01:00
Matthias Dieter Wallnöfer
e4b5bce151 s4:libnet/libnet_site.c - make use of LDB return constants
Reviewed by: Tridge
2011-03-04 22:07:24 +01:00
Matthias Dieter Wallnöfer
cbef9c352a s4:libnet/libnet_samsync_ldb.c - add a "samdb_msg_add_string" wrapper
Add this in order to allow the "ADD_OR_DEL" macros to work.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01 06:29:03 +01:00
Matthias Dieter Wallnöfer
c66780332b s4:remove many invocations of "samdb_msg_add_string"
This call can be substituted by "ldb_msg_add_string". We only need to be
careful on local objects or talloc'ed ones which live shorter than the message.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01 06:29:03 +01:00
Kamen Mazdrashki
b1f68b6871 s4-libnet_vampire: Ignore some attributes when building working schema cache
Working schema cache will be used to convert replicated Schema objects
again later, i.e. used as reference, so we don't need to resolve all
attribute OIDs for working Schema cache to be usable.

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Mar  1 03:45:16 CET 2011 on sn-devel-104
2011-03-01 03:45:16 +01:00
Andrew Tridgell
a12239b131 s4-waf: rename smbpasswd library to smbpasswdparser
this removes a conflict with the s3 smbpasswd binary
2011-02-22 02:51:10 +01:00
Andrew Tridgell
8dc92c8f71 ldb: use #include <ldb.h> for ldb
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10 06:51:07 +01:00
Jelmer Vernooij
8bf5356958 s4-python: Add missing prototypes. 2011-01-03 01:48:04 +01:00
Jelmer Vernooij
4350e0c3c9 s4-python: Properly call PyObject_Del from all destructors. 2011-01-01 02:54:05 +01:00
Andrew Bartlett
94a59b781c s4-auth Remove event context from privilage database handling
These local TDB operations can quite safely be handled in a new/nested
event context, rather than using the main event context.

Andrew Bartlett
2010-12-21 15:10:38 +11:00
Kamen Mazdrashki
c94e5d4438 s4-repl: Allow dsdb_replicated_objects_commit() to use different schema while committing objects
working_schema is to be used while committing a Schema replica.

When we replicate Schema, then we most probably won't be
able to convert all replicated objects using the current
Schema cache (as we don't know anything about those new objects).

Thus, during Schema replication, we make a temporary
working_schema that contains both our current Schema +
all objects we get on the wire.
When we commit those new objects, we should use our working_schema
(by setting it to the ldb), and after all changes are commited,
we can refresh the schema cache so we have a brand new,
full-featured Schema cache
2010-12-15 00:51:19 +01:00
Matthias Dieter Wallnöfer
e4b22702b6 ldb:pyldb.h - revert to the previous header behaviour
"ldb_private.h" is private and therefore might not always be available.
2010-12-12 22:55:14 +01:00
Matthias Dieter Wallnöfer
34c5bdc1c3 s4:libcli/finddc.h - fix header dependancies
And optimise includes
2010-12-12 20:06:24 +01:00
Matthias Dieter Wallnöfer
f9b87352f4 s4:libnet/py_net.c - add checks for OOM conditions 2010-12-12 20:06:24 +01:00
Matthias Dieter Wallnöfer
055a3e0fae s4:libnet_samsync_ldb.c - simplify a talloc steal call
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Dec  7 16:05:30 CET 2010 on sn-devel-104
2010-12-07 16:05:30 +01:00
Matthias Dieter Wallnöfer
a07d20821a s4:libnet_samsync_ldb.c - introduce an error message on failed domain synchronisation 2010-12-07 15:19:14 +01:00
Matthias Dieter Wallnöfer
025aa3f053 s4:libnet/libnet_samsync_ldb,c - move away from "samdb_msg_add_string" when possible
Also here we can move to "ldb_msg_add_string" without any impact!
2010-12-03 20:44:58 +01:00
Matthias Dieter Wallnöfer
d14e0e8ff1 s4:libnet_JoinADSDomain - move away from "samdb_msg_add_string"
These calls can be substituted by "ldb_msg_add_string" without any problems -
only the allocation contexts of the SPNs and the DNS hostnames have to adapted.
2010-12-03 20:09:31 +01:00
Kamen Mazdrashki
4041791d01 s4-repl: Let dsdb_replicated_objects_convert() to accept schema from caller
This allows us to use schema that is different than the one
set to 'ldb' to decode objects.
2010-12-01 13:01:16 +02:00
Matthias Dieter Wallnöfer
c8aa7d5837 s4:param/secrets.h - fix "enum netr_SchannelType" include correctly 2010-11-27 21:50:41 +01:00
Andrew Tridgell
dbb9500448 s4-libnet: use the full DNS domain for CLDAP lookups if possible
many of the internal libnet interfaces use the short domain name,
which leads to unreliable NBT lookups. If we are trying to look for
our workgroup, then look for our DNS domain instead

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 27 03:47:52 CET 2010 on sn-devel-104
2010-11-27 03:47:52 +01:00
Kamen Mazdrashki
0868a15982 s4-repl: Propagate remote prefixMap in DRSUAPI data conversion functions 2010-11-11 18:54:20 +00:00
Kamen Mazdrashki
a8495d380e s4-repl: dsdb_extended_replicated_objects_convert -> dsdb_replicated_objects_convert/
It is part of dsdb_replicated_* family of functions
2010-11-11 18:54:20 +00:00
Kamen Mazdrashki
227e8dcfcf s4-repl: dsdb_extended_replicated_objects_commit -> dsdb_replicated_objects_commit
It is part of dsdb_replicated_* family of functions
2010-11-11 18:54:20 +00:00
Matthias Dieter Wallnöfer
eff1e8cd5d s4:libnet/libnet_samsync_ldb.c - remove "userPassword" remove code
It could also be a normal attribute with a normal content, and if it's not
like that then it's for sure empty.
2010-11-11 10:03:39 +01:00
Jelmer Vernooij
4217734a51 credentials: Lowercase library name,
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov  7 01:48:44 UTC 2010 on sn-devel-104
2010-11-07 01:48:44 +00:00
Kamen Mazdrashki
717b1158a6 idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID values
Those values are actually ATTID values and such, they are used
for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-31 23:54:04 +00:00
Matthias Dieter Wallnöfer
a5fc9378df s4:libnet_join.c - only write the really essential SPNs
If we are a DC then the others are added by the "samba_spnupdate" script.

This fixes bug #7614.
2010-10-31 18:44:07 +00:00
Jelmer Vernooij
3deece5591 s4: Remove the old perl/m4/make/mk-based build system.
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-31 02:01:44 +00:00
Jelmer Vernooij
a74e8be6d1 waf: Stop automaticaly changing dashes to underscores in library names. 2010-10-26 10:17:18 -07:00
Jelmer Vernooij
8cf61377aa waf: Remove lib prefix from libraries manually. 2010-10-26 10:17:17 -07:00
Jelmer Vernooij
d9cbcdd410 s4: Drop duplicate 'lib' prefix for private libraries. 2010-10-26 10:17:16 -07:00
Matthias Dieter Wallnöfer
49dee0e453 s4:dsdb - use the more safe "samdb_msg_add_(u)int*" calls always where possible
This should prevent all possible integer storage problems in future.
2010-10-24 17:57:06 +00:00
Jelmer Vernooij
fc6bfe24fd s4: Rename SMBPASSWD to smbpasswd.
Rename DSDB_MODULE to dsdb_module.
2010-10-24 00:20:04 +00:00
Jelmer Vernooij
833480d3ad s4: Rename LIBSAMBA-* to libsamba-* 2010-10-24 00:20:04 +00:00
Andrew Tridgell
acffaf2bfb s4-build: make LIBSAMBA-NET a private library
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-21 19:03:25 +11:00
Matthias Dieter Wallnöfer
3ead246062 s4:"util_ldb" - remove some really unused dependancies 2010-10-18 19:35:11 +02:00
Matthias Dieter Wallnöfer
a3f61dea40 Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c""
This reverts commit 8a2ce5c47c.

Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17 13:37:16 +00:00
Matthias Dieter Wallnöfer
8a2ce5c47c s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c"
They're only in use by SAMDB code.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-17 09:40:13 +00:00
Matthias Dieter Wallnöfer
c291858199 s4:dsdb - fix unsigned integer save problems using the "%u" specifier
The issue here is that we have not yet first cast to int32_t explicitly,
before we cast to an signed int to printf() into the %d or cast to a
int64_t before we then cast to a long long to printf into a %lld.

There are *no* unsigned integers in Active Directory LDAP, even the RID
allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities.
(See the schema, and the syntax definitions in schema_syntax.c).

The failure has been detected by Matthieu Patou on the buildfarm host "tridge"
due to a malformed "groupType" attribute.

The solution is to use the "%d" specifier. Either to use it directly - or better
(when possible) use the call "samdb_msg_add_uint" (which encapsulates it).

This patch changes such problematic situations.
2010-10-16 10:54:46 +02:00
Matthias Dieter Wallnöfer
c362ce36b3 s4:libnet_samsync_ldb.c - use LDB result constants 2010-10-15 08:45:15 +02:00
Matthias Dieter Wallnöfer
a0e9814c0d s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", "samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-15 08:36:01 +11:00
Andrew Bartlett
5742f5115c libcli/security Use common security.h
This includes dom_sid.h and security_token.h and will be moved
to the top level shortly.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-12 03:35:36 +00:00
Jelmer Vernooij
93126b3315 samdb: Add flags argument to samdb_connect(). 2010-10-10 23:08:49 +02:00
Kamen Mazdrashki
f827fcd0e0 s4-libnet_vampire: Remove unused self_corrected_schema
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sun Oct 10 10:40:38 UTC 2010 on sn-devel-104
2010-10-10 10:40:38 +00:00
Andrew Bartlett
b44135ac73 s4-libnet_vampire use a linked list to handle schema objects pending conversion 2010-10-10 12:58:32 +03:00
Kamen Mazdrashki
837af1c29a s4-vampire: Optimize Schema decoding conversion
memmove() is removed and I am using the beginning
of the list for storage for failed objects
2010-10-10 12:58:32 +03:00
Kamen Mazdrashki
0440741473 s4-vampire: Initial implementation for multi-pass schema decoding from DRS data
We can't decode all schema object in just one (or even two)
passes when Schema tree has more levels of inheritance.
2010-10-10 12:58:32 +03:00
Kamen Mazdrashki
fb0add6605 s4-libnet_vampire: Reparent result.lp_ctx - we have already referenced it
which leads to warning that we are trying to steal
a context with references
2010-10-05 10:51:14 +00:00
Jelmer Vernooij
5548d3d41e Add missing dependencies for com_err. 2010-10-05 00:38:35 +02:00
Andrew Tridgell
9bae4cd3d9 s4-rpc: added target_principal binding handle option
this allows you to specify a target SPN for a connection

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-01 22:31:57 -07:00
Andrew Tridgell
87f67d3369 s4-libnet: wipe the old keytab when exporting
this prevents confusion with old keytab entries

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30 14:36:11 -07:00
Andrew Tridgell
3d7a4cf5b6 s4-pynet: added server keyword to Net() initialisation
this sets up server_address in the libnet context

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2010-09-25 10:38:45 -07:00
Andrew Tridgell
805d9425c2 s4-libnet: added server_address option in libnet context
this is used by libnet_LookupDCs 

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2010-09-25 10:38:45 -07:00
Andrew Bartlett
e823cb8cac s4-libnet_join Use header constant for 'all encryption types' in msDS-SupportedEncryptionTypes 2010-09-24 09:25:44 +10:00
Andrew Bartlett
062b0ebc04 s4-libnet Remove libnet_samdump_keytab() and net samdump keytab
There is a beter implementation of this in Samba3, and this uses
functions in the credentials code that I want to remove.

The same functionality is available by running 'net samsync' and
'net export keytab'.  This isn't a DRS-backed utility, it only
used netlogon replication.

Andrew Bartlett
2010-09-24 09:25:43 +10:00
Andrew Tridgell
94694ecf4e s4-libnet: use the right domain name in libnet_lookup 2010-09-19 13:36:02 -07:00
Andrew Tridgell
2edbf74f35 s4-pynet: return the full netlogon response from python finddc
this gives the caller the other server parameters

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16 07:24:01 +10:00
Andrew Tridgell
e18c0030e0 s4-pyjoin: fill in the dns name in the python replication method
this is needed to get the repsFrom DNS entry right

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16 07:24:01 +10:00
Andrew Tridgell
c18e9566ea s4-libnet: force IDL printing for high debug levels
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:36 +10:00
Andrew Tridgell
59d415f43f s4-finddc: use NBT lookup for a 1C name if joining a short domain name
once we get the 1C lookup reply, use a CLDAP query to find the details
for the server

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:36 +10:00
Andrew Tridgell
2e92484c60 s4-pynet: added finddc call
this gives access to the CLDAP/DNS finddc code from python

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:35 +10:00
Andrew Tridgell
58d59a08ad s4-libcli: change finddcs.h -> finddc.h
this prevents conflicts with old generated files and we can only even
return one DC with this interface.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:35 +10:00
Andrew Tridgell
0c447e316f s4-libnet: use finddcs_cldap() in libnet_lookup
this may later be changed to do fallback to NBT as well, but for now
cldap is sufficient

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:35 +10:00
Andrew Tridgell
041c699f3a s4-libnet: converted finddcs call to tevent_req
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15 15:39:34 +10:00
Andrew Tridgell
650dcda2a2 s4-rodc: s->schema need initialisation
this fixes a segfault in net rodc preload
2010-09-09 21:39:24 +10:00
Andrew Tridgell
e2fdcf1a7a pynet: fixed ref count error on Py_None
ensure we don't run out of None ...

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>
2010-09-02 13:37:07 +10:00
Andrew Tridgell
bdab6c36e8 s4-pynet: pynet depends on pyrpc_util 2010-08-27 04:41:40 +02:00
Jelmer Vernooij
64552e11dd pyrpc: Add py_check_dcerpc_type().
This function checks whether the type of a PyObject matches a
DCE/RPC Python type.

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2010-08-27 04:41:40 +02:00
Andrew Tridgell
aa54d239e2 s4-pynet: some systems don't have Py_TYPE()
we need a better method than this ....
2010-08-25 23:05:05 +10:00
Andrew Tridgell
4cacdf0002 s4-pynet: added replicate_init() and replicate_chunk() calls
these calls allow python code to pass chunks from DRS replication
calls into the code that applies the chunks to a database

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-25 08:40:04 +10:00
Andrew Tridgell
631c5f1fd5 s4-libnet: added libnet_vampire_replicate_init()
this is used to setup for later calls to the replicate chunk functions

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-25 08:40:04 +10:00
Andrew Tridgell
1337f5875c libnet-s4: added replicate() command in pynet
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23 15:55:39 +10:00
Andrew Tridgell
bdc1639642 s4-libnet: split libnet_Vampire() into two parts
libnet_Replicate() will do just the replication portion of
libnet_Vampire(). This will be used by the RODC join, where the join
part of the operation happens in python, and behaves quite differently
to the libnet_Join() code.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23 15:55:39 +10:00
Andrew Tridgell
2d2a0cb582 s4-libnet: show the DN when DsAddEntry() fails
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23 15:55:39 +10:00
Andrew Tridgell
8a442b0822 s4-libnet: added join type constants to python interface
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23 15:55:39 +10:00
Matthias Dieter Wallnöfer
ab3e20b82f s4:libnet - free the "c" context also on error conditions
(and if it's NULL then "talloc_free" does ignore it)
2010-08-14 18:48:20 +02:00
Anatoliy Atanasov
bf5d88ec1c s4/vampire: update dNSHostName for the Server object 2010-08-03 11:15:21 +03:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Stefan Metzmacher
1ea4215e56 s4:libnet_GroupList: allocate children strings on the correct talloc parent
Otherwise the _recv() function won't move the children strings to the
callers memory context and let the callers crash.

metze
2010-07-10 09:35:02 +02:00
Stefan Metzmacher
35c554bef0 s4:libnet_UserList: allocate children strings on the correct talloc parent
Otherwise the _recv() function won't move the children strings to the
callers memory context and let the callers crash.

metze
2010-07-10 09:35:01 +02:00
Matthias Dieter Wallnöfer
b0bba4003e s4:libnet - add missing "talloc_free"s for "c" contexts on "recv" operations 2010-07-04 22:05:17 +02:00
Andrew Bartlett
9fc3f8194d s4:libnet_join Fix typo in msDS-SupportedEncryptionTypes 2010-06-29 16:59:30 +10:00
Matthias Dieter Wallnöfer
b172b7f467 s4:libnet_join.c - always use LDB constants 2010-06-24 10:04:48 +02:00
Andrew Bartlett
d0f52ddac2 s4:provision Raise default max functional level to 2008R2
We don't support many of the extra features, but that applies across many
other parts of AD.  Allow the admin to join a 2008R2 domain if he or she wants.

This also makes it possible to test 2008R2 domain code in 'make test'

Andrew Bartlett
2010-06-23 20:10:06 +10:00
Andrew Bartlett
ebc2da10cd s4:libnet When joining a domain, update msDS-SupportedEncryptionTypes
We need this for our DC to have clients use AES keys to us
2010-06-23 20:10:04 +10:00
Andrew Bartlett
c4482bf53e libds:common Remove DS_DC_* domain functionality flags
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other.  Just make them one set.

Andrew Bartlett
2010-06-23 20:10:03 +10:00
Stefan Metzmacher
6dbcffb51d s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library.
This is needed to remove samba specifc symbols from the bundled
ldb, in order to get the ABI right.

metze

Signed-off-by: Andreas Schneider <asn@samba.org>
2010-06-16 14:07:28 +02:00
Andrew Bartlett
35237d5356 s4:libnet Remove 'ads min function level' checks.
We support Windows 2000 native now.

Andrew Bartlett
2010-06-16 09:57:52 +10:00
Andrew Bartlett
b5d80a225e s4:dsdb Rework the vampire schema handling to convert 3 times.
This seems like a lot of duplicate work, but by the end we should
have, in normal LDB format, the remote DRS schema, having bootstrapped
it with the locally loaded schema.

The multiple steps are to resolve the problems with references to
schema items that we don't 'yet' know about.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
7c60ac97bf s4:provision Allow a specific prefix map to be loaded into a new schema provision
This allows the prefixMap from a DRS server to be used when loading
the schema from the local files.  This helps us then import other
schema with this map in place.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
9e28ceda96 s4:dsdb Keep the DRS-based prefix map for use in provision-based schema
We need to use the remote prefix map for the provision schema, or else
we can't decode new, non-standard attributes into OIDs.  Then once we
decode that schema, we can try again and get them properly translated.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
5323485eb3 s4:dsdb Allow the setting an override on the schema
The change here is to try and convert a per the previous rules, but if
we don't know a particular OID as a attributeID, then store it as an
OID (for example).  This allows known values to be converted as
before, but still copes with unknown values.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
6a2f7fe04c s4:dsdb Use the schema from our local provision to decode the schema
This works on the assumption that the schema partition can only
contain schema objects.

We may need to pass down some kind of 'relax' to the DRS -> LDB
conversion code, so that it allows incomplete conversions, so that we
don't fail if a new attribute is present, and we can't decode it.
This would then be resolved the second time we do the conversion.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
c313590547 s4:libnet Steal ldb and lp_ctx from python result into correct structures.
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
1104b41f1e s4:libnet Make the libnet_vampire default callbacks non-static
These are intended to be called from the NET-API-BECOMEDC torture test
to avoid duplication of code.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-06-15 10:51:34 +10:00
Andrew Bartlett
72486a6dd1 s4:dsdb Add debug 2010-06-12 11:19:13 +10:00
Stefan Metzmacher
625ffba8ec s4:libnet: use the new generated config from the provision for the self_join
This fixes net vampire with the --target-dir option.

metze
2010-05-22 08:41:18 +02:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Andrew Bartlett
6324a0f59f s4:provision Remove unused 'account_name' parameter
The python glue code didn't even de-reference this element in the
structure.

Andrew Bartlett
2010-05-18 13:20:18 +10:00
Jelmer Vernooij
f7f1a3a451 pynet: Remove unused credentials argument. 2010-05-18 01:40:19 +02:00
Andrew Bartlett
084c8065f8 s4:libnet Make 'net vampire' more robust to command line arguments
When we have just joined a domain, we know a bit about that domain.
Use these to override previous guesses as to what domain and realm to
use for the rest of the join.

Andrew Bartlett
2010-04-29 19:44:16 +10:00
Matthias Dieter Wallnöfer
eceffe6909 nbt: samlogon/netlogon structures - unify denominations 2010-04-27 18:45:41 +02:00
Andrew Tridgell
280d06f8b5 s4-libnet: cope with an empty client site name from CLDAP
We fall back to the server site name in a vampire

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27 15:24:44 +10:00
Andrew Tridgell
4679bb731b s4-vampire: show main CLDAP response attributes during vampire 2010-04-27 15:24:40 +10:00
Andrew Tridgell
47712ab3dd s4-libnet: fixed two compiler warnings 2010-04-22 19:36:16 +10:00
Andrew Tridgell
7ccebb49af s4-pynet: accept None for target_dir in vampire 2010-04-21 13:35:55 +10:00
Andrew Tridgell
f1c523939b pytalloc: ensure talloc_ctx is directly after PyObject_HEAD
the talloc python interface for tp_alloc and tp_dealloc relies on a
cast to a py_talloc_Object to find the talloc_ctx (see
py_talloc_dealloc). This means we rely on the talloc_ctx for the
object being directly after the PyObject_HEAD

This fixes the talloc free with references bug in samba_dnsupdate

The actual problem was the tp_alloc() call in
PyCredentialCacheContainer_from_ccache_container() which used a cast
from a py_talloc_Object to a PyCredentialCacheContainerObject. That
case effectively changed the parent/child relationship between the
talloc_ctx and the ccc ptr.

This patch changes all the structures that follow this pattern to put
the TALLOC_CTX directly after the PyObject_HEAD, to ensure that if
anyone else decides to do a dangerous cast like this that it won't
cause the same sort of subtle breakage.

Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-20 15:50:27 +10:00
Andrew Tridgell
e6cbbd9640 s4-python: PyErr_SetString() will crash on NULL strings
use nt_errstr() when no error available
2010-04-19 16:34:14 +10:00
Stefan Metzmacher
3f8e9b919d s4:libnet_passwd: check for NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE for SetPassword
metze
2010-04-15 17:32:31 +02:00
Stefan Metzmacher
2570f8dcda s4:libnet_passwd: check for NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE in the ChangePassword calls
metze
2010-04-15 17:32:31 +02:00
Stefan Metzmacher
b2261c8272 s4:libnet_rpc: check for NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE instead of NT_STATUS_NET_WRITE_FAULT
metze
2010-04-15 17:32:30 +02:00
Stefan Metzmacher
146ce6ead1 s4:libnet/libnet_join: don't look at p->last_fault_code for debugging anymore
metze
2010-04-15 09:34:02 +02:00
Matthias Dieter Wallnöfer
ad9e407357 Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
2010-04-13 08:55:15 +02:00
Kamen Mazdrashki
a9e4abaa6e s4/libnet: Allocate mem in supplied mem_ctx
In this case, 'libnet_Vampire *r' may not be a pointer to
a talloced memory.
2010-04-12 04:20:36 +03:00
Kamen Mazdrashki
82b8bbdfac s4/py_net: Source code formatting fix 2010-04-12 04:20:35 +03:00
Kamen Mazdrashki
a62d0419de s4/libnet: handle errors returned for DsAddEntry_v3 properly
It turns out ms-docs are little bit misleading - in case of
no error, r->out.ctr->ctr3.err_data is not NULL, but
error information (r->out.ctr->ctr3.err_data->v1.info) is NULL!
2010-04-12 01:50:39 +03:00
Kamen Mazdrashki
cb0ad42a3d s4/libnet: Add few new lines in the debug log so it is readable again 2010-04-12 01:50:39 +03:00
Kamen Mazdrashki
9f92d586ca s4/libnet: Dump DRSUAPI_DIRERR_OK as unexpected
Actually DRSUAPI_DIRERR_OK is not valid error to be returned.
I introduce it in the IDL so that I can use it in enum.
So it should be dumped as Unexpected error code
2010-04-12 01:50:39 +03:00
Jelmer Vernooij
f83aa13f62 s4-net: Convert vampire command over to Python. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
ffa73c412e s4-net: Convert user subcommand to Python. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
0c6f434b7b net: Convert time command to python. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
6510b2cdd2 s4-net: Use new Net() object in net export keytab. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
814e20e7da pynet: Create a net class. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
cf17d48dec Migrate 'net export keytab' to python. 2010-04-08 22:37:35 +02:00
Andrew Tridgell
b690fedef5 s4-waf: removed the AUTOGENERATED markers
we won't be using the mk -> wscript generator again
2010-04-06 20:27:16 +10:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
2974f8d947 build: fixed libcli/ndr_netlogon.c dependency rules 2010-04-06 20:26:59 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Stefan Metzmacher
733701ae9b s4:libnet/libnet_passwd.c: add explicit check for NTSTATUS r.out.result
metze
2010-03-29 15:35:52 +02:00
Stefan Metzmacher
cd3ae926e7 s4:libnet/libnet_samsync.c: add explicit check for NTSTATUS r.out.result
metze
2010-03-29 15:35:52 +02:00
Stefan Metzmacher
d0efef3f86 s4:libnet/libnet_join.c: add explicit check for NTSTATUS r.out.result
metze
2010-03-29 15:35:51 +02:00
Kamen Mazdrashki
db02ca65a0 s4/drs: Implement DsAddEntry V3 error handling 2010-03-24 17:34:42 +02:00
Kamen Mazdrashki
04f4ea6ae2 s4/drs: Refactor error handling for DsAddEntry V3 replies
Dumping for specific error classes are to be implemented properly
in the near future.
2010-03-24 17:34:39 +02:00
Kamen Mazdrashki
00fce797e8 s4/drs: drsuapi_DsAddEntry_ErrData propagate structure def in source code 2010-03-24 17:34:37 +02:00
Kamen Mazdrashki
427a1f3c62 s4/drs: DsAddEntry - extending error handling for V2 replies
After having more complete definition for DsAddEntryReply V2
structure, we can now handle error state in more robust way,
not just counting on number of objects returned.
2010-03-24 17:34:35 +02:00
Kamen Mazdrashki
58ddf31ad1 s4/drs: drsuapi_DsAddEntryErrorInfoX changes propagated to source code 2010-03-24 17:34:34 +02:00
Kamen Mazdrashki
05db9365b6 s4/drs: DsAddEntry - Propagating unsigned switches to source code 2010-03-24 17:34:31 +02:00
Stefan Metzmacher
48cd096126 s4:libnet: don't include librpc/rpc/dcerpc.h directly
metze
2010-03-23 18:44:32 +01:00
Andrew Bartlett
2de07761e0 s4:dsdb Change dsdb_get_schema() callers to use new talloc argument
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.

Andrew Bartlett
2010-03-16 19:26:03 +11:00
Stefan Metzmacher
9e0557a149 s4:libnet/libnet_time.c: make use of dcerpc_binding_handle stubs
metze
2010-03-12 15:25:52 +01:00
Stefan Metzmacher
07a28b1923 s4:libnet/libnet_share.c: make use of dcerpc_binding_handle stubs
metze
2010-03-12 15:25:52 +01:00
Stefan Metzmacher
02c61f520c s4:libnet/libnet_samsync.c: make use of dcerpc_binding_handle stubs
metze
2010-03-12 15:25:51 +01:00
Stefan Metzmacher
19d229a11b s4:libnet/libnet_passwd.c: make use of dcerpc_binding_handle stubs
metze
2010-03-12 15:25:51 +01:00
Stefan Metzmacher
bec3d8e7ae s4:libnet/libnet_join.c: make use of dcerpc_binding_handle stubs
metze
2010-03-12 15:25:51 +01:00
Stefan Metzmacher
a011cbccb7 s4:libnet/libnet_rpc.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:45 +01:00
Stefan Metzmacher
c190ae1631 s4:libnet/usernam.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:44 +01:00
Stefan Metzmacher
a8967c378c s4:libnet/userinfo.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:44 +01:00
Stefan Metzmacher
ccc0ab6811 s4:libnet/libnet_user.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:44 +01:00
Stefan Metzmacher
c148405a12 s4:libnet/libnet_lookup.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:44 +01:00
Stefan Metzmacher
eae3436320 s4:libnet/libnet_group.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:43 +01:00
Stefan Metzmacher
3d72524ab4 s4:libnet/libnet_domain.c: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:43 +01:00
Stefan Metzmacher
f0a394315d s4:libnet_unbecome_dc: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:43 +01:00
Stefan Metzmacher
2c5bbea8cb s4:libnet_become_dc: make use of use tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:42 +01:00
Stefan Metzmacher
8dc4fd921b s4:libnet/group*: make use of tevent_req based dcerpc_binding_handle stubs
metze
2010-03-12 15:25:42 +01:00
Stefan Metzmacher
a3ae9802d4 s4:libnet: keep a dcerpc_binding_handle for samr and lsa
metze
2010-03-12 15:25:42 +01:00
Matthias Dieter Wallnöfer
ec6843402c s4:libnet - change variables to "unsigned" where needed 2010-03-10 20:23:43 +01:00
Matthias Dieter Wallnöfer
af72a63cff s4:libnet_become_dc - change counter variables to "unsigned" where they count LDB objects 2010-03-10 20:22:06 +01:00
Kamen Mazdrashki
6321b26361 s4/drs: DsRemoveDSServer - Propagating IDL changes to source code
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-10 17:12:06 +01:00
Kamen Mazdrashki
2483ed362b s4/drs: DsCrackNames - Propagating IDL changes to source code
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-10 17:12:02 +01:00
Kamen Mazdrashki
9f21787131 s4/drs: DsGetNCChanges - Propagating IDL changes to source code
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-10 17:11:57 +01:00
Stefan Metzmacher
56b97000bd s4:libnet_become_dc: don't look at the internals of 'struct rpc_request'
metze
2010-03-01 16:11:57 +01:00
Stefan Metzmacher
f995e596bb s4:libnet: make use of explicit dcerpc_*_recv functions
metze
2010-03-01 16:11:53 +01:00
Stefan Metzmacher
5d33c6d4f9 s4:libnet_become_dc: make use of explicit dcerpc_*_recv functions
metze
2010-03-01 16:11:53 +01:00
Anatoliy Atanasov
c65abcf9d3 s4/libnet: Fix misleading comment 2010-03-01 14:17:32 +02:00
Stefan Metzmacher
7473ca2d33 s4:libnet: use generate_random_password()
metze
2010-02-26 08:57:28 +01:00
Stefan Metzmacher
b6737c1a7c s4:libnet: use a connected CLDAP socket.
This is needed because we don't (want) to specify an explicit
local address. And the socket family (ipv4 vs. ipv6) needs to
be autodetected based on the remote address before the
socket() syscall.

Otherwise we would try to connect to a ipv4 address through an
ipv6only socket.

metze
2010-02-26 13:22:12 +11:00
Brad Hards
1e986c1cb3 More spelling fixes across source4/
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22 21:45:38 +01:00
Anatoliy Atanasov
968bd16b49 s4/rodc: change the libnet_become_dc code to do RODC join 2010-02-17 18:03:32 +02:00
Andrew Tridgell
90203f87e7 s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags
This allows for controls to be added easily where they are needed.
2010-02-16 21:10:50 +11:00
Kamen Mazdrashki
8823a549ca s4/drs: propagate DRS_ extension flags in code base 2010-02-05 10:51:57 +01:00
Simo Sorce
3ce54a4a97 s4:kdc move db functions in their own file
Keep all heimdal related plugin code within hdb_samba4.c
Move interfaces needed by multiple plugins in db-glue.c

Move sequence context in main db context so that we do
not depend on db->hdb_dbc in the common code.

Remove unnecessary paremeters from function prototypes
2010-01-28 19:33:34 -05:00
Simo Sorce
c6865af445 s4:kdc Use better db context structure
This allows to use a common structure not tied to hdb_samba4
Also allows to avoid many casts within hdb_samba4 functions

This is the first step to abstract samba kdc databse functions
so they can be used by the MIT forthcoming plugin.
2010-01-28 19:33:34 -05:00
Andrew Tridgell
f461a72ec3 idl: switched to using the WSPP names for the 'neighbour' DRS options
The documentation shows that all these functions in fact use the same
flags variable type. To be consistent between functions, and to allow
easy reference to the WSPP docs, it is better for us to also use this
generic DrsOptions bitfield rather than one per operations.
2010-01-18 07:25:18 +11:00
Andrew Tridgell
a5d6117065 s4-torture: switch to generic DRS options flags 2010-01-14 15:37:59 +11:00
Andrew Tridgell
8ccedc3ac7 s4-libnet: dsdb_wellknown_dn() in vampire code 2010-01-09 18:56:29 +11:00
Andrew Tridgell
73838b353a s4-libnet: better error messages in libnet_vampire.c 2010-01-08 13:03:04 +11:00
Jelmer Vernooij
ef453c63af py_net/libnet: Remove C++-style comments, add more error checking, move
initialization of dcerpc subsystem to libnet.
2009-12-25 14:48:45 +01:00
Kamen Mazdrashki
20c7c27322 s4-libnet: Python binding for libnet_SetPassword()
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-25 14:15:42 +01:00
Kamen Mazdrashki
f03e88fa4b s4-net: Fix 'talloc_free with references ...' error
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-25 14:15:31 +01:00
Matthias Dieter Wallnöfer
31321ac868 s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
We shouldn't use the now uninitialised "status" variable anymore.
2009-12-11 11:19:32 +01:00
Andrew Tridgell
982228605f s4-libnet: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Matthias Dieter Wallnöfer
e77c0f1b50 s4:libnet_become_dc - fix typo 2009-11-24 19:17:08 +01:00
Andrew Bartlett
39b8f31d66 s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schema
The load of defaultObjectCategory as an extended DN means we need to
use the common parsing functions I just split out, rather than the
GET_DS_DN macro.

The objectGUIDs are loaded so that we can create the extended DN when
we load from LDIF (and are loaded for the other cases for
consistency).

Also adapt callers to API changes needed for common parsing code

Andrew Bartlett
2009-11-17 10:38:02 +11:00
Andrew Bartlett
df7546ac16 s4:dsdb/repl Split the 'convert' or 'commit' stages in the DRS import
This will allow us in future to do tests on the LDB values we generate
from the DRS replication.

Andrew Bartlett
2009-11-12 16:34:10 +11:00
Andrew Bartlett
d053584443 s4:vampire Print error message when we fail on the CLDAP ping
Andrew Bartlett
2009-11-12 16:34:08 +11:00
Matthias Dieter Wallnöfer
dae1258acd s4:libnet_passwd - fix pointer type 2009-11-06 22:05:12 +01:00
Kamen Mazdrashki
ba4d87f817 s4/drs: dsdb_map_int2oid() replaced by dsdb_schema_pfm_oid_from_attid()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:43 +01:00
Kamen Mazdrashki
ddab9d1fe7 s4/drs: dsdb_verify_oid_mappings_drsuapi() replaced by dsdb_schema_pfm_contains_drsuapi_pfm()
dsdb_schema_pfm_contains_drsuapi_pfm() is part of reimplemented
prefixMap interface.

This name was choosen to clearly show, that this a week verification
in case we want to determine if remote schema is changed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:42 +01:00
Kamen Mazdrashki
a83385303b s4/drs: dsdb_load_oid_mappings_drsuapi() -> dsdb_load_prefixmap_from_drsuapi()
Also, dsdb_load_oid_mappings_drsuapi() was reimplemented to use
dsdb_schema_pfm_from_drsuapi_pfm() function to load
drsuapi_prefixMap into schema->prefixmap

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:41 +01:00
Andrew Tridgell
3050f83288 s4-python: we need to include Python.h first
If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23 16:23:01 +11:00
Andrew Tridgell
4ad0397d8a s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()
This allows us to reuse a ldb context if it is open twice, instead
of going through the expensive process of a full ldb open. We can
reuse it if all of the parameters are the same.

The change relies on callers using talloc_unlink() or free of a parent
to close a ldb context.
2009-10-23 14:52:17 +11:00
Andrew Tridgell
89ba043c7d s4-libnet: fixed privilege handling in samsync to use the right db
I only noticed this one because of Karolins spelling fix :-)
2009-10-19 20:03:12 +11:00
Karolin Seeger
fa08d0b44b Fix typo.
privilage -> privilege

Karolin
2009-10-19 09:47:33 +02:00
Matthias Dieter Wallnöfer
44df2488e3 s4: fix various warnings (not "const" related ones) 2009-10-02 15:33:48 +02:00
Andrew Tridgell
5c07c7eac2 s4-libnet: give sane error messages when functional levels don't match
It is nice to tell the user why their command failed :-)
2009-10-02 15:09:59 +10:00
Matthias Dieter Wallnöfer
45a237ce88 s4:libnet_become_dc - add checks for valid domain/forest function levels
Add checks to make sure that we join only supported AD domains (we agreed that
those are >= (Windows) 2003 Native per default - this is changeable with the
"ads:function level" option).
Add also checks to make sure that we cannot join domains which have a bigger
function level than our DC capable function level (e.g. a (Windows) 2008 DC
cannot join a (Windows) 2008 R2 domain).
2009-10-02 14:22:01 +10:00
Andrew Tridgell
808585b4fe s4-libnet: fixed debug formatting 2009-09-28 10:25:31 +10:00
Andrew Tridgell
a9188f7e10 s4-libnet: allow the functional level of becomeDC to be specified
Use
   ads:functional level = 4
for DS_DC_FUNCTION_2008_R2

See libds/common/flags.h
2009-09-24 10:34:53 -07:00
Andrew Tridgell
3cd0f9e264 s4-libnet: avoid a steal with references error 2009-09-24 10:33:36 -07:00
Matthias Dieter Wallnöfer
32f4afd617 s4:libnet_become_dc - bump down the level requested by abartlet 2009-09-21 11:59:07 +02:00
Andrew Bartlett
bfddb6816f s4:provision Use code to store domain join in 'net join' as well
This ensures we only have one codepath to store the secret, and
therefore that we have a single choke point for setting the
saltPrincipal, which we were previously skipping.

Andrew Bartlett
2009-09-20 16:29:38 -07:00
Andrew Tridgell
92786aebf1 s4-resolve: fixed a crash bug on timeout
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
2009-09-19 08:23:03 -07:00
Matthias Dieter Wallnöfer
4445cdfad2 s4:libnet_become_dc - Fix some uninitialised variables 2009-09-17 18:27:31 +02:00
Matthias Dieter Wallnöfer
0c202e403f s4/domain behaviour flags: Fix them up in various locations
Additional notes:
- Bump the level to Windows Server 2008 R2 (we should support always the latest
  version - if we provision ourself)
- In "descriptor.c" the check for the "domainFunctionality" level shouldn't be
  needed: ACL owner groups (not owner user) are supported since Windows 2000
  Server (first AD edition)
  - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-17 12:40:33 +02:00
Andrew Tridgell
458dda1f15 s4-repl: don't do double replication
When we replicate from a remote DC, we need to note the new uSN that
the local changes have resulted in, and modify the uSN that the notify
task uses to determine if it should send a ReplicaSync message back to
the remote DC. Otherwise we end up always triggering a ReplicaSync
every time we replicate from another DC
2009-09-15 18:45:43 -07:00
Andrew Tridgell
557cc460f2 s4/vampire: fixed i/j index mixup in vampire code 2009-09-10 01:26:34 +10:00
Andrew Tridgell
3cb1caf0ef s4: allow repl:RODC=true/false to set ourselves as a RODC
I think this is what windows DCs use to see that we are read-only, but
I am not sure. Needs more testing.
2009-09-09 12:36:51 +10:00
Andrew Tridgell
9a3db7e331 s4: fixed updaterefs options bitmap 2009-09-08 11:52:45 +10:00
Andrew Tridgell
86f3a2ea09 s4: fixed the secrets.ldb construction in libnet
on a vampire join we were not putting the right attributes and
objectclass on the secrets.ldb record
2009-09-07 10:33:47 +10:00
Andrew Tridgell
7dbe0797b1 show more reasonable object counts during a vampire
We now show the total number of objects we have processed, which gives
the user a better idea of how much has been done. A vampire on a large
domain can take an hour or more (which needs to be fixed btw, it is a
problem with the lack of scalability of the ltdb index code). Watching
the same msg for an hour makes you wonder if any progress is being
made!
2009-09-03 18:36:09 +10:00
Andrew Tridgell
69802b3a3b wrap the entire vampire operation in a transaction
We want to grab the whole database, or none of it.
This is also needed to get linked attributes right
2009-09-02 18:19:55 +10:00
Stefan Metzmacher
ff37d6631c s4:libnet: use talloc_strdup() instead of talloc_reference()
metze
2009-07-31 14:42:03 +02:00
Andrew Bartlett
4e049b0a1c Fix compile of py_net.c 2009-07-28 18:00:46 +10:00
Andrew Bartlett
058cd95c88 s4:libnet Add in a 'credentials' parameter for python libnet_Join 2009-07-28 16:06:05 +10:00
Andrew Bartlett
47a7a2e442 s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
2009-07-28 08:52:43 +10:00
Stefan Metzmacher
b7c003c09c Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"
This reverts commit a40ce5d0d9.

This breaks the build...

Andrew, please repush it, when it's fixed:-)

metze
2009-07-27 17:41:11 +02:00
Andrew Bartlett
a40ce5d0d9 s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
2009-07-27 22:41:42 +10:00
Jelmer Vernooij
28d155499a Add missing includes. 2009-07-19 13:39:38 +02:00
Stefan Metzmacher
722765213b s4:libnet: rename uint => uint32_t because uint is not portable
metze
2009-07-15 20:47:00 +02:00
Günther Deschner
8db45607f8 libds: share UF_ flags between samba3 and 4.
Guenther
2009-07-13 15:36:06 +02:00
Andrew Tridgell
865ca9be64 the settings structure needs to be initialised 2009-07-02 14:55:38 +10:00
Andrew Tridgell
27620c85e7 use a talloc_reparent in a very ugly way
this works around some terrible use of talloc in the libnet code
2009-07-01 15:15:37 +10:00
Andrew Tridgell
0534ae012b use the new talloc_reparent in two places 2009-07-01 15:15:37 +10:00
Andrew Bartlett
58e8db912d s4:libnet Allow 'net password change' to work on expired passwords
We need to pass down flags to the DCE/RPC layer to allow fallback to
anonymous connections, as we can't log in with an expired password.

The anonymous connection can then change the password with SAMR.

Andrew Bartlett
2009-06-18 13:49:30 +10:00
Andrew Tridgell
4dcc058ea1 fixed the client side password change code
The client side code was not falling back to older routines correctly
as it didn't check for the operation range error appropriately. It
also used the old rpc semantics.
2009-05-25 13:40:52 +10:00
Andrew Bartlett
aa5cee2288 s4:libnet Use str_list_make_single() in resolv code 2009-05-14 05:56:59 +10:00
Andrew Bartlett
5095d7b1c8 Rework Samba4 to use the new common libcli/auth code
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.

Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
df8e1908ef Use common samsync delta decryption functions in libnet_samsync.c
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Tridgell
9539e2b508 major upgrade to the ldb attribute handling
This is all working towards supporting the full WSPP schema without a
major performance penalty.

We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema. 

Also added support for a few more key attribute syntaxes, as needed
for the full schema.
2009-04-02 16:42:21 +11:00
Stefan Metzmacher
c600e8ef42 s4:cldap: rewrite the cldap library based on tsocket
metze
2009-03-19 16:25:59 +01:00
Jelmer Vernooij
94069bd274 s4: Use same function signature for convert_* as s3. 2009-03-01 19:55:46 +01:00
Jelmer Vernooij
9ffb6d2d9e Add allow_badcharcnv argument to all conversion function, for
consistency with Samba 3.
2009-03-01 06:33:40 +01:00
Stefan Metzmacher
aa9c6b58f5 s4:libnet: s/new/n
metze
2009-02-02 13:09:17 +01:00
Stefan Metzmacher
1bb0104070 s4:cldap: s/private/private_data
metze
2009-02-02 13:08:42 +01:00
Stefan Metzmacher
c005bbddb7 s4:libnet/: s/private/private_data
metze
2009-02-02 13:08:29 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Kai Blin
855d2a927e s4 libnet: Add support for groupinfo by sid lookup 2008-12-29 12:52:27 +01:00
Kai Blin
181d4fd31a s4 libnet: Add group_name member to struct libnet_GroupInfo's out struct. 2008-12-29 12:52:26 +01:00
Stefan Metzmacher
37b6950961 s4:libnet_samdump_keytab: pass down event_context explicit
metze
2008-12-29 09:46:38 +01:00
Jelmer Vernooij
ff26cb4b1c Fix compiler warnings in libnet. 2008-12-23 22:11:21 +01:00
Günther Deschner
4bcf8edcf8 s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.
Guenther
2008-12-05 14:27:03 +01:00
Günther Deschner
296fae7561 s4-samr: fix samr passwdord_expired callers.
Guenther
2008-11-28 13:55:49 +01:00
Günther Deschner
09998ab89d s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:31 +01:00